Question

Locked

NTFS permissions repair

By brian ·
Greets,

I was working on a machine that had some adware/virus and other garbage on it. In order to get at some of the data/folders I pulled the HD and attached it to my tech computer. My intention was to empty the Temp folders under the users home folder, however it wouldn't let me in the folders due to permission settings. So, I took ownership. Bad idea. When I put the drive back in the customers computer, things were whacked, to put it simply. Is there a process or a utility to restore default permissions to the entire directory structure? This is an XP Home machine with two user accounts, both are administrators.

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

grant permissions back to the users

by XT John In reply to NTFS permissions repair

When you say things are whacked, I'm assuming they ar eable to log into Windows, but as they try to run programs, or access their files, they can't. Check out this site for settting file permissions using XP Home:

http://www.softwaretipsandtricks.com/windowsxp/articles/2/1/XP-Home-advanced-file-permissions

The 2 users will need their permissions set on their documents and settings folder; and propogated downward into all their files and sub-folders.

Collapse -

How to repair system files and registry entry permissions to default values

by JBDynamics In reply to NTFS permissions repair

First off, this is only applicable to NTFS filesystems. If you are unsure if you have an NTFS File system do the following: Right Click My Computer on the Desktop and Select "Manage" Then navigate down to Disk Management. Look through the list of disks in the top-right window, find disk C: and ensure it says NTFS and NOT FAT32.

Now if you have an NTFS filesystem, you can use the Security Configuration templates in conjunction with the Security Configuration and Analysis snap-in from Microsoft Management Console (MMC) to restore the default security settings in Windows 2000. To do so, follow these steps:

1. Click Start, and then click Run.

2. In the Open box, type mmc.exe, and then click OK.

3. On the Console menu, click Add/Remove Snap-in.

4. Click Add, and then double-click Security Configuration and Analysis.

5. Click Close, and then click OK.

6. Right-click Security Configuration and Analysis, and then click Open database.

7. Create the following new database file:
%SystemRoot%\Security\Database\Aclrestore.sdb
You will be prompted to import a security template.

8. Look in the list, click My Computer, and then double-click Local Disk (C:).

9. Navigate to C:\Windows\Security\Templates\

Note By default, the Inf folder is hidden. To view the hidden Inf folder, follow these steps:
A. On the desktop of your computer, double-click My Computer.
B. On the Tools menu, click Folder Options.
C. Click the View tab, click Show hidden files and folders, and then click OK.

10. Select one of the following templates (.inf files), as appropriate for your configuration, and then click Open:

Windows 2003+:
There is usually only one option, but here is what the various files represent:
A. Default.inf - Workstation Default Template
B. Default DC.inf - Server Default Template (Domain Controller)
C. Default SV.inf - Server Default Template (Non-Domain Controller)

Windows 2000 and Older:
Again, usually only one option, but here is what all the possibilities represent:
A. Defltwk.inf - Workstation Default Template
B. Defltsv.inf - Server Default Template (Non-Domain Controller)
C. Defltdc.inf - Server Default Template (Domain-Controller)

11. Now that you've loaded the template, you need to right click the "Security Configuration and Analysis" from the left navigation menu and select "Analyze Computer Now".
A.) Select a file location for the Error Log and wait for the Analysis to finish. There will be a check mark next to every item on the pop-up window if the scan is successful.
B.) After analysis, you can decide whether to then reset everything to default security values.
i.) If so, Right Click the "Security Configuration and Analysis" from the left navigation menu and select "Configure Computer Now"
ii.) If you don't wish to restore everything, go through all the directories/registry trees that were just created and then you will have to manually set the proper security associations.
a.) Usually it is alright to just "Configure Computer Now" unless there is some very special security allowances, if that is the case you can use icalcs.exe after Configuring the computer to add or remove permissions for specific users from directories, files, or registry keys.

Hope this helps someone with this same problem.

Back to Malware Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums